SAP NetWeaver Application Server Java 代码注入漏洞

SAP NetWeaver Application Server Java is an application server provided by the German company SAP, which offers a Java runtime environment. This product is primarily used for developing and running Java EE applications. SAP NetWeaver Application Server Java has a code injection vulnerability; thi...

PT-2026-32920

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

Adobe Bridge 安全漏洞

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

Adobe Connect <= 12.10 Multiple Vulnerabilities (APSB26-37)

The version of Adobe Connect installed on the remote host is prior to 12.11. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb26-37 advisory. - Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that...

MiracleLinux 8 : vim-8.0.1763-22.el8_10.1.ML.1 (AXSA:2026-423:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-423:06 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure...

Adobe Framemaker 安全漏洞

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. Adobe Framemaker suffers from a heap buffer overflow vulnerability that could be exploited by an attacker to cause...

Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)

SUMMARY RUGGEDCOM CROSSBOW Station Access Controller SAC contains a vulnerability that could allow an attacker to achieve arbitrary code execution and to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller SAC and recommends...

APSB26-37 : Security update available for Adobe Connect

Adobe has released a security update for Adobe Connect. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution and privilege escalation...

APSB26-44 : Security update available for Adobe Acrobat Reader

Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and arbitrary file system read...

APSB26-39 : Security update available for Adobe Bridge

Adobe has released a security update for Adobe Bridge. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution and application denial-of-service...

APSB26-42 : Security update available for Adobe Illustrator

Adobe has released an update for Adobe Illustrator. This update resolves a critical vulnerability that could lead to arbitrary code execution...

APSB26-33 : Security update available for Adobe InCopy

Adobe has released a security update for Adobe InCopy. This update addresses critical vulnerabilities that could lead to arbitrary code execution...

Amazon Linux 2 : plexus-utils, --advisory ALAS2-2026-3233 (ALAS-2026-3233)

The version of plexus-utils installed on the remote host is prior to 3.0.9-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3233 advisory. Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before...

Adobe InDesign < 20.5.3 / 21.0 < 21.3.0 Multiple Vulnerabilities (APSB26-32)

The version of Adobe InDesign installed on the remote Windows host is prior to 20.5.3, 21.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-32 advisory. - Heap-based Buffer Overflow CWE-122 potentially leading to Arbitrary code execution CVE-2026-34627,...

Adobe InDesign < 20.5.3 / 21.0 < 21.3.0 Multiple Vulnerabilities (APSB26-32) (macOS)

The version of Adobe InDesign installed on the remote macOS host is prior to 20.5.3, 21.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-32 advisory. - Heap-based Buffer Overflow CWE-122 potentially leading to Arbitrary code execution CVE-2026-34627,...

RHEL 8 : firefox (RHSA-2026:8052)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:8052 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

Adobe Acrobat Reader 安全漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. This software is used for printing, signing, and annotating PDF documents. Vulnerabilities exist in versions of Adobe Acrobat Reader 26.001.21411 and earlier, as well as versions 24.001.30360 and earlier, and 24.001.30362 and earlier...

APSB26-32 : Security update available for Adobe InDesign

Adobe has released a security update for Adobe InDesign. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution, application denial-of-service, and memory exposure...

Adobe Connect 代码问题漏洞

Adobe Connect is a software developed by Adobe, a company based in America, used for creating meeting environments. The Adobe Connect version 2025.3, as well as versions 12.10 and earlier, have code vulnerabilities. These vulnerabilities stem from the deserialization of untrusted data, which coul...

Incorrect use of LocateProtocol Service of the EFI_BOOT_Services table in SMI Handler

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54502| Incorrect use of boot service in the AMD Platform Configuration Blob APCB SMM driver could allow a privileged attacker with local access Ring 0 to achieve privilege escalation...